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(54) Delivery of electronic content over a network using a hybrid optical disk for authentication 

(57) A method of transferring information from a 
content supplier from one or more databases, such in- 
formation including program(s), audio, still, video, data 
files (for example lists, spreadsheets, reports, docu- 
ments, presentation graphics, sales information), or 
combinations thereof to a location that uses an author- 
izing hybrid disc that permits the use of such transferred 
information, comprising the steps of: providing an au- 
thorizing hybrid optical disc having a ROM portion and 
a RAM portion; providing the ROM portion to include a 
preformed identification signature which is impressed 
into the ROM portion of the disc and is arranged to be 
difficult for a pirate to copy; providing the RAM portion 
which includes user-specific encrypted information 
which makes the optical disc unique for a specific user 
and in combination with the ROM preformed identifica- 
tion signature provides a user-personalized secure sig- 
nature; the content supplier encrypting information for 
each user using the user-personalized secure signature 
and downloading selected encrypted information to the 
particular user's memory location; and a particular user 
using the user-personalized secure signature to decode 
such downloaded selected encrypted information each 
time the user desires to access such information so that 
after use only the encoded encrypted information re- 
mains in the user memory location. 




FIG. 5a 



Q. 

LU 



EP 1 267 244 A2 



Description 

[0001] The present invention relates to delivering 
electronic content in a secure manner from a remote lo- 
cation. 

[0002] With the proliferation of computerized equip- 
ment on a large scale, the easy and rapid sharing of data 
once shared exclusively by "hard copy" methods is be- 
coming more of a reality. This includes text, music, still 
pictures, games, software, video, and other types of in- 
formation. The widespread use of the Internet has al- 
lowed users to download all types of information from 
remote locations. This has created a new information 
distribution model whose characteristics include speed, 
customer convenience, ease of bringing a work to mar- 
ket, and lower costs. Because much of the physical pro- 
duction of such works can be eliminated, a significant 
cost and time savings can be realized in bringing a work 
to market. Significant marketing improvements are also 
possible. For instance, a well-stocked store can now be 
the size of a kiosk or can be located in a single location 
and still be convenient to users throughout the world. 
[0003] With these considerable advantages come 
some disadvantages due to the ease of distribution. Pri- 
mary among these is that the ease of distribution allows 
easy illicit proliferation of works. While it can take con- 
siderable time and effort to duplicate and distribute a tra- 
ditional book, audio recording or video to others, it is 
easier and takes far less time and effort to duplicate and 
distribute an electronic copy of the same work. This is 
of considerable concern to authors, artists, musicians, 
programmers, producers, publishers, and others whose 
works are not in the public domain. 
[0004] This problem has been recognized, and sev- 
eral schemes have been developed to encrypt pro- 
grams and data so that they can only be used by the 
intended recipient. Some schemes are based on en- 
crypting the data with a specific key, and transmitting 
the key along with the encrypted data, to the intended 
recipient. However, if the recipient is willing to share the 
key with the encrypted file, these schemes can be cir- 
cumvented. 

[0005] DeMont US-A-5, 982.889 teaches a method for 
verifying the authenticity of a user's access to informa- 
tion products The disadvantage of this system is that 
authentication is done via a central site. The user who 
does not wish to (or cannot) connect to the network eve- 
ry time he wishes to use the product is excluded from 
using this product. 

[0006] Akiyama and others, US-A-5, 805, 699, pro- 
pose a software copying system which enables copy- 
righted software recorded in a master storage medium 
to be copied to a user's target storage medium in a le- 
gitimate manner. The master storage medium (that is, 
CD-ROM) has a software identifier, and the target stor- 
age medium has a storage medium identifier. The two 
identifiers are sent to a central site, which manages li- 
censing for the rights to copy software products. At the 



central site, a first signature is generated from the two 
identifiers which is sent back to the computer user, In 
the computer of the user a second signature is gener- 
ated from the same two identifiers. Only when the two 
5 signatures coincide with each other can the software 
programs be copied from the master storage medium to 
the target storage medium. 

[0007] There are various problems associated with 
these methods. One is that many of them are open to 

io what are known as "hacks," which means that if one user 
determines the method of decrypting or using the appli- 
cation or data, it is very easy for that person to dissem- 
inate the manner of gaining access to the application or 
data. Some methods prevent this problem by making 

is the use of information dependent upon a particular hard- 
ware combination. This approach creates a problem of 
portability. The legitimate user cannot use the product 
on a computer in a different location, nor can the user 
exercise fair use (for example resale, lending). The ap- 

20 plication may fail to start or the data may be unreadable 
if users change their hardware configuration, such as by 
an upgrade. 

[0008] It is therefore an object of the present invention 
to provide a legitimate user with content that can be 

25 downloaded readily from a network, such as the Inter- 
net, and used at multiple locations by the legitimate user. 
[0009] It is a further object of the present invention 
that the content is protected against use and access to 
confidential information by an illegitimate user. 

so [0010] These objects are achieved by a method of 
transferring information from a content supplier from 
one or more databases, such information including pro- 
gram(s), audio, still pictures, video, data files (for exam- 
ple lists, spreadsheets, reports, documents, presenta- 

35 tion graphics, sales information), orcombinations there- 
of to a location that uses an authorizing hybrid disc that 
permits the use of such transferred information, com- 
prising the steps of: 

40 (a) providing an authorizing hybrid optical disc hav- 
ing a ROM portion and a RAM portion; 

(b) providing the ROM portion to include a pre- 
formed identification signature which is impressed 
into the ROM portion of the disc and is arranged to 

45 be difficult for a pirate to copy; 

(c) providing the RAM portion which includes user- 
specific encrypted information which makes the op- 
tical disc unique for a specific user and in combina- 
tion with the ROM preformed identification signa- 

so ture provides a user-personalized secure signature; 

(d) the content supplier encrypting information for 
each user using the user-personalized secure sig- 
nature and downloading selected encrypted infor- 
mation to the particular user's memory location; and 

55 ( e ) a particular user using the user-personalized se- 
cure signature to decode such downloaded select- 
ed encrypted information each time the user desires 
to access such information so that after use only the 
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encoded encrypted information remains in the user 
memory location. 

[0011] The use of an authorizing hybrid optical disc 
fortransferring content has advantages forboth the sup- 
plier of the content and the user. 
[0012] The content supplier can easily supply the con- 
tent over a network, such as the Internet, which allows 
a potential world-wide audience with small overhead. 
The content supplied to a user can be "locked" to that 
user, so that an unauthorized user cannot use the con- 
tent without the authorized user's authorizing disc. The 
supplier can supply confidential information, if there is 
a need, through the use of authorizing discs that can 
give the user access to this information, but the user 
cannot distribute this to others without also providing the 
single authorizing disc. 

[0013] Further, if some content, such as a game, is 
lost or stolen , individual identification in the conlenl re- 
lating to the disc it was originally "locked" to allow the 
origin of the loss to be traced. Additional security meas- 
ure can also be added to the basic features. 
[001 4] Advantages to the user include that the content 
is easily procured over a network connection, such as 
the Internet, despite the fact that it is locked to a partic- 
ular user's authorizing disc. The content is portable; if 
the user wishes to take it along while travelling, the user 
can copy the content (for example to the computer's 
hard drive), then bring the disc and use it on any com- 
puter equipped with an optical disc drive, such as 
CD-ROM drive, DVD reader, and so forth. Further, 
should the user have an optical disc writer, the user can 
download more than one program or document to his 
authorizing disc. As long as room exists to write the con- 
tent to the disc, the user could install additional content, 
which he could then use by only needing to bring a single 
disc along. 

[001 5] A further advantage is that this invention allows 
the user to exercise fair use while protecting the content 
owner from unauthorized distribution by the user. Users 
can lend, resell, or give away their copies of data and/ 
or software, but they must lend/resell/give their author- 
izing disc to allow the use of the content. The user can- 
not distribute multiple copies after purchasing only a sin- 
gle copy. 

[0016] FIG. 1a is a plain view of an authorizing hybrid 
optical disc which allows copy protection in accordance 
with the present invention; 

[001 7] FIG. 1b shows a schematic diagram of a sub- 
stitution scheme of encryption; 

[001 8] FIG. 1 c shows a schematic diagram of a sim- 
ple hiding scheme of encryption; 
[0019] FIG. 1d shows a schematic diagram of a more 
complex hiding scheme of encryption; 
[0020] FIG. 2 shows a method of forming a securesig- 
nature; 

[0021] FIG. 3 is a schematic diagram of the software 
technique to encrypt a client application in a non-copy- 



able way; 

[0022] FIG. 4 is block diagram showing an embodi- 
ment of a method for making an optical disc for use in 
this invention; 

5 [0023] FIG. 5a is a schematic diagram of how various 
software routines on different computers connected by 
a network interact to verify authenticity; 
[0024] FIG. 5b is a schematic diagram showing the 
public keys available for encryption and their comple- 

10 mentary private keys available for decryption and mes- 
sage signing; 

[0025] FIG. 6a is a schematic diagram showing the 
flow of data for delivering encrypted information; 
[0026] FIG. 6b is a schematic diagram showing an al- 
ls ternative flow of data for delivering encrypted informa- 
tion; 

[0027] FIG. 6c is a block diagram showing an embod- 
iment of a method by which the holder of the disc can 
obtain new content; 
20 [0028] FIG. 6d is a block diagram which shows how 
the public and private keys are used to create a secure 
channel for communication in the decryption of decrypt- 
ed data; 

[0029] FIG. 7 is a schematic diagram of the software 
25 technique to encrypt an executable application for han- 
dling encrypted data in a non-copyable way; 
[0030] FIG. 8 is a block diagram which shows howthe 
copy-protection scheme works when a hybrid optical 
disc including an encrypted executable file is read; 
30 [0031] FIG. 9a is a schematic diagram of how various 
software routines on the same computer interact to ver- 
ify authenticity and decrypt encrypted data; 
[0032] FIG 9b is a schematic diagram showing the 
public keys available for encryption and their comple- 
35 mentary private keys available for decryption and mes- 
sage signing; 

[0033] FIG. 10 is a block diagram which shows how 
the copy-protection scheme works when a hybrid optical 
disc including an encrypted data file is read; and 
-to [0034] FIG 11 shows another embodiment of the 
presonl invenlion. 

[0035] Turning now to FIG. 1, we see a diagram of 
authorizing hybrid optical disc 10. Authorizing hybrid op- 
tical disc 10 is a hybrid optical disc; that is, it includes 

"5 both a mastered pre-recorded area, also known as a 
ROM portion 14. and a recordable area, also known as 
a RAM portion 21 . The disc includes a center hole 12 
for clamping and spinning. ROM portion 14 is a mas- 
tered session, that is, a master disc was created includ- 

50 jng supplied software or data in the first session, and 
was subsequently used, either directly or through inter- 
mediate "Father" and "Mother" discs-to stamp multiple 
uncustomized copies of the disc. Additional mastered 
sessions are also possible RAM portion 21 can be of a 

55 write-once type (for example CD-WO or CD-R) or a re- 
writeable type (for example CD-RW), which can be writ- 
ten to by standard optical-disc writing techniques. Au- 
thorizing hybrid optical disc 10 also includes a pre- 
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formed identification signature 22, which is a digital sig- 
nal recorded during the mastering process and subse- 
quently impressed into ROM portion 1 4 of each author- 
izing hybrid optical disc 10. 

[0036] In a part of RAM portion 21 , a second session 
or written session 1 6 has been written by a content sup- 
plier or other authorized party prior to distribution. A con- 
tent supplier is defined as a person or entity engaged in 
the production, sale, or resale of information content (for 
example audio, video, text, data, and so forth) who wish- 
es to use authorizing hybrid optical disc 1 0 to make the 
content available to end users in a manner difficult to 
copy. The content supplier maintains the information 
content in its own databases and transfers information 
to end-users via a network (for example the Internet). 
Written session 16 can be a third or later session if au- 
thorizing hybrid optical disc 10 already includes more 
than one session. Written session 16 includes a unique 
identification number or unique ID, also known as user- 
specific encrypted information 24 that is written in one 
or more known absolute sector addresses in an encrypt- 
ed manner. User-specific encrypted information 24 
serves to make each hybrid optical disc 10 unique for a 
specific user by virtue of the fact that each user specific 
encrypted information 24 written to the hybrid optical 
disc 10 is a unique combination of binary digits. User- 
specific encrypted information 24 is also designed to be 
combined with preformed identification signature 22 to 
form a user-personalized secure signature. 
[0037] In some embodiments, written session 16 can 
include other programs or information. For example, au- 
thorizing hybrid optical disc 10 can further include an 
encrypted client application package 30, which includes 
a client application to verify the authenticity of authoriz- 
ing hybrid optical disc 10 in a secure way. 
[0038] Authorizing hybrid optical disc 10 can further 
include one or more additional written session(s) 1 8 that 
are written using recordable optical disc techniques, 
such as a CD-R, CD-WO, or CD-RW writer. This session 
can be written at any time after-distribution of authorizing 
hybrid optical disc 1 0 and can include an encrypted data 
package 32 and an encrypted executable package 34. 
Authorizing hybrid optical disc 10 can also include fur- 
ther writeable area 20, which is the as-yet-unwritten part 
of RAM portion 21. 

[0039] By the term "written in an encrypted manner" 
we mean written in such a way that the contents are not 
clear to a reader who does not know how the data is 
stored. Turning now to FIG. 1 b, 1 c, and 1 d, we see sche- 
matic diagrams of several example methods of encryp- 
tion. FIG. 1b shows a substitution scheme in which the 
symbols of unique identification 35 are replaced, on an 
individual basis or in blocks, with other symbols or 
groups of symbols 36. FIG. 1c shows a simple hiding 
scheme in which unique identification 35 is hidden 
among a longer series of symbols 37 Its position and 
length must be known to effect decryption. FIG. 1d 
shows a more complex hiding scheme in which the sym- 



bols of unique identification 35 are scrambled, either in- 
dividually or in groups, and hidden among a larger series 
of symbols 38. This invention can use one or more of 
these or other schemes to write user-specific encrypted 
s information 24 in an encrypted manner to RAM portion 
21 of authorizing hybrid optical disc 10. 
[0040] Turning now to FIG. 2, we see one method of 
forming a user-personalized secure signature. Pre- 
formed identification signature 22 and user-specific en- 
io crypted information 24 are concatenated to provide us- 
er-personalized secure signature 72. 
[0041] Turning next to FIG. 3, we see a diagram of 
one way that encrypted client application package 30 
can be structured and written to authorizing hybrid op- 
's tical disc 10 for use in this invention. Encrypted client 
application package 30 is a single executable program 
with the same name on the disc as the original execut- 
able program. Encrypted client application package 30 
includes self-extracting software 40 which runs first. It 
20 further includes anti-hacking routines 42 to check forthe 
presence of hacking software in memory when the pro- 
gram is run. It can further include a section with poly- 
morphic data and/or commands 44. Polymorphic code 
generally provides multiple paths which achieve the 
25 same results, but are constructed in such a way that a 
program follows a different path each time it executes. 
Polymorphic code is used to make the program more 
difficult to reverse-engineer. De-encrypting routines 46 
are designed to use the data stored on authorizing hy- 
30 brid optical disc 1 0 (specifically preformed identification 
signature 22 and user-specific encrypted information 
24) to de-encrypt encrypted client application 50. En- 
crypted client application package 30 further includes a 
private keys area 52, which includes a set of private en- 
35 cryption keys that are used to verify the authenticity and 
integrity of authorizing hybrid optical disc 1 0 in a secure 
manner by utilizing public key encryption. 
[0042] Turning now to FIG. 4, we see a block diagram 
of one method for making the optical discs to be used 
40 jn this invention. A hybrid optical disc is mastered with 
preformed identification signature 22 in step 110, and 
then used to manufacture a set of authorizing hybrid op- 
tical discs 1 0 with the same preformed identification sig- 
nature 22 in step 112. All succeeding information trans- 
<fs fers to the disc are by standard CD writertechniques. In 
step 114, user-specific encrypted information 24 is gen- 
erated for an individual authorizing hybrid optical disc 
10. Preformed identification signature 22 is read from 
the disc (step 1 1 8) and concatenated with user-specific 
50 encrypted information 24 to form user-personalized se- 
cure signature 72, which also serves as the encryption 
key (step 120). User-personalized secure signature 72 
is used to uniquely encrypt the client application 62 in 
step 1 22 . Encrypted client application 50 is inserted into 
55 a previously-created ISO 9660-compatible file image in 
step 124. The main data channel of the session is mod- 
ified with the user-specific encrypted information 24 
(step 1 26) and the entire package is written to authoriz- 
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ing hybrid optical disc 1 0 as RAM portion 1 6 in step 1 28 
Authorizing hybrid optical 'discs 10 can then be distrib- 
uted in any manner (for example mailed, distributed 
through stores, and so forth) 

[0043] Turning now to FIG. 5a, we see a schematic 5 
view of the way that user-personalized secure signature 
72 is passed to a remote location in a secure manner in 
order to verify the authenticity of authorizing hybrid op- 
tical disc 10 and subsequently to encrypt the desired 
content. This requires the use of a method which allows 10 
verification of the validity of authorizing hybrid optical 
disc 10 by a remote location 170. Client application 62 
runs on an end-user's computer system, which is phys- 
ically remote from remote location 1 70, but is connected 
via network 58 (for example the Internet). Remote loca- is 
tion 170 includes a method of encrypting and sending 
the desired content. Client application 62, which is orig- 
inally encrypted on authorizing hybrid optical disc 1 0 as 
encrypted client application 50 within encrypted client 
application package 30, is designed to read preformed 2° 
identification signature 22 and user-specific encrypted 
information 24 from authorizing hybrid optical disc 1 0 in 
data read step 70, and combine them into user-person- 
alized secure signature 72. Remote location 1 70 sends 
a key request 64 for user-personalized secure signature 25 
72 to client application 62. Included in key request 64 is 
a message to use one of a plurality of keys from private 
keys area 52 when answering the request. Client appli- 
cation 62 returns user-personalized secure signature 72 
to remote location 1 70 in signed message 66 that has 30 
been signed with the selected private key. Remote lo- 
cation 170 possesses the public key corresponding to 
the chosen private key, and can verify the authenticity 
of client application 62, and therefore of authorizing hy- 
brid optical disc 10. Remote location 170, once it pos- 35 
sesses user-personalized secure signature 72, can en- 
crypt the desired content. This will be further elaborated 
in what follows. 

[0044] Turning now to FIG. 5b, we see a schematic of 
the private keys available in private keys area 52, their 40 
corresponding public keys, and how they are used be- 
tween remote location 1 70 and client application 62, Cli- 
ent application 62 has been provided with a private key 
series 80, which is stored in private keys area 52 of en- 
crypted client application package 30. These private 4 $ 
keys are capable of decrypting messages that have 
been encrypted with the corresponding public key, and 
they are also capable of signing messages in a secure 
way. For example, private key 84 (otherprivate keys 86, 
88, 90 and 92 are also shown) can decrypt messages so 
that have been encrypted with public key 96 (other pub- 
lic keys 98, 100 and 102 are also shown). Public key 96 
can check the authenticity of messages signed by pri- 
vate key 84. Remote location 170 includes a public key 
series 82 of public keys corresponding to the private ss 
keys in private key series 80. Public key series 82 can 
include the entire set of keys corresponding to private 
keys series 80, or can be a subset thereof. The latter 



arrangement allows certain keys to be maintained ex- 
clusively for one application or one vendor without mod- 
ifying the client application. If the security of any key is 
compromised, that particular key can be removed from 
remote location 1 70, and the security breach is thereby 
closed. 

[0045] Remote location 1 70 randomly selects a public 
key "X" from public key series 82, making it selected 
public key 106. Remote location 170 sends key request 
64 to client application 62 and indicates in key request 
64 which key has been selected to be selected public 
key 1 06. Client application 62 selects the corresponding 
private key from private key series 80 to give the select- 
ed private key 1 04. The selected public key 1 06/select- 
ed private key 1 04 pair form public/private key channel 
108. Client application 62 uses private key 104 to sign 
signed message 66 that is sent to remote location 170. 
[0046] Turning now to FIG. 6a, we see a schematic 
diagram showing the flow of data that occurs when a 
user requests new content. This content can be includ- 
ing program(s), audio, still, video, datafiles (for example 
lists, spreadsheets, reports, documents, presentation 
graphics, sales information), or combinations thereof. At 
user site 1 71 , preformed identification signature 22 and 
user-specific encrypted information 24 are used to form 
user-personalized secure signature 72. User-personal- 
ized secure signature 72 is sent via network 58 to re- 
mote location 1 70. At remote location 1 70, plain content 
74, which is the unencrypted version of the content or- 
dered by the user, is encrypted by encryption utility 76 
using user-personalized secure signature 72. This cre- 
ates selected encrypted information 56. Depending on 
the nature of plain content 74, selected encrypted infor- 
mation 56 is either encrypted data package 32 or en- 
crypted executable package 34. Because these are en- 
crypted using user-personalized secure signature 72 as 
the key, the user who possesses authorizing hybrid op- 
tical disc 1 0 will be able to use selected encrypted infor- 
mation 56. Selected encrypted information 56 is then 
downloaded via network 58 to user site 1 71 . At user site 
171, selected encrypted information 56 is written to 
memory location 78. In this example, memory location 
78 is additional written session 18 in RAM portion 21 of 
authorizing hybrid optical disc 10. The memory location 
can be any other location capable of storing digital con- 
tent (for example a hard drive, a floppy disk, flash ROM, 
and others). 

[0047] It will be appreciated that the nature of net- 
works allows a plurality of users to simultaneously ac- 
cess remote location 170 and download content. Re- 
mote location 170 receives the user-personalized se- 
cure signature 72 for each particular user, encrypts plain 
content 74 with that particular user's user-personalized 
secure signature, and downloads the encrypted infor- 
mation 56 to that particular user's memory location 78. 
[0048] Turning now to FIG. 6b, we see a schematic 
diagram showing an alternative flow of data for deliver- 
ing encrypted content to a user. In this embodiment, us- 
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er-personalized secure signature 72 is filed at the con- 
tent supplier's remote location 1 70. At a request for con- 
tent, plain content 74, which is the unencrypted version 
of the content ordered by the user, is encrypted by en- 
cryption utility 76 using stored user-personalized secure 
signature 72. This creates selected encrypted informa- 
tion 56. Depending on the nature of plain content 74, 
selected encrypted information 56 is either encrypted 
data package 32 or encrypted executable package 34. 
Because these are encrypted using user-personalized 
secure signature 72 as the key, the user who possesses 
authorizing hybrid optical disc 10 will be able to use se- 
lected encrypted information 56. Selected encrypted in- 
formation 56 can then be delivered to the registered us- 
er, for example via electronic mail message 73. This en- 
cryption/delivery method allows someone other than the 
user (for example a relative buying a gift) to purchase 
encrypted content for a given user. Depending on secu- 
rity considerations, a content supplier may or may not 
include this service. 

[0049] Turning now to FIG. 6c, we see a method by 
which the user, who is the holder of the disc, can obtain 
new content. In step 140, the user communicates with 
a content supplier via a network. The user can connect 
to an Internet site from his home, or can go to another 
place, such as a kiosk that sells and transfers this type 
of content. There are a number of means by which a 
user can achieve a connection with a content supplier. 
The content supplier's remote location 1 70 can be ac- 
cessible via a channel (for example a network, the In- 
ternet, and so forth). The user can type in the address 
(for example an Internet URL) of the content supplier. 
Alternatively, authorized hybrid optical disc 10 can be 
encoded with a link that connects the user to remote lo- 
cation 170, either automatically or by the user clicking 
on a link. The latter alternative removes the possibility 
of user error in typing a network address. 
[0050] The user then selects content that he wishes 
to download (step 142) and if necessary makes pay- 
ment forthe content (step 144) via normal means of pay- 
ment over a network (for example credit card payment 
over the Internet) The content can be a game, music, 
video, text such as a book, or any other type of down- 
loadable information. The payment can be any normal 
means of making payment via a network. The user can 
transfer a payment number (for example a debit or credit 
card number) which authorizes a predetermined pay- 
ment amount to the content supplier from the user's 
bank or other commercial institution. Another form the 
payment number can take is an authorization number 
from the content supplier which gives the user a number 
of downloads that has been predetermined (for example 
by prepayment from the user, promotional considera- 
tions of the content supplier, and so forth). 
[0051] Once the user has selected and paid for the 
desired content, the user places authorizing hybrid op- 
tical disc 10 into a disc writer in step 146. A publicly ac- 
cessible kiosk would be furnished with such a disc writer. 



If the user is at home, he must have an optical disc writer 
if memory location 78 is in RAM portion 21 of authorizing 
hybrid optical disc 10. Client application 62 autolaunch- 
es or is selected (step 148). Client application 62 reads 

s preformed identification signature 22 and user-specific 
encrypted information 24 (step 150) and concatenates 
them into user-personalized secure signature 72, which 
also serves as the decryption key (step 152). A secure 
channel is established between client application 62 and 

»o remote location 170 (step 154) and user-personalized 
secure signature 72 is provided to remote location 170. 
(Step 156). 

[0052] In step 1 58, if remote location 1 70 determines 
that user-personalized secure signature 72 is invalid, or 
15 if it is missing, the process stops (step 1 60). If user-per- 
sonalized secure signature 72 is valid, the authorization 
for transfer is permitted and remote location 1 70 en- 
crypts plain content 74 using user-personalized secure 
signature 72 (step 162). Encrypled information 56 (em- 
20 bodied as encrypted data package 32 or encrypted ex- 
ecutable package 34) is transmitted to the writer (step 
164), where it is written to a new session (step 166). 
This is known as an authorized transfer because the us- 
er has made payment and has been verified as possess- 
es jng a valid authorizing hybrid optical disc 10. Once the 
content is completely written, the contact is closed (step 
168). 

[0053] Turning now to FIG 6d, we see a block dia- 
gram showing more details of the secure method for 

30 transmitting user-personalized secure signature 72. In 
step 172, remote location 170 randomly chooses select- 
ed public key 106 from public key series 82. In step 174, 
remote location 1 70 sends key request 64 to client ap- 
plication 62 to use public/private key channel 108 (that 

3s is the random key it has selected). Client application 62 
forrhats user-personalized secure signature 72 into a 
message (step 176) which it then signs with selected 
private key 104 (step 178). Client application 62 then 
sends signed message 66 to remote location 1 70 (step 

■to 180) Remote location 1 70 receives signed message 66 
and uses selected public key 1 06 to verify signed mes- 
sage 66 (stop 182) If signed message 66 is not valid 
(step 184) the process stops (step 186). If signed mes- 
sage bb is valid, the process then continues (step 188). 

45 [0054] Once the user has downloaded encrypted in- 
formation 56 in an authorized transfer, authorizing hy- 
brid opiicnl disc 10 serves to allow the user access to 
the encrypted information. Encrypted information 56 
can be encrypted data (embodied as encrypted data 

so package 32) or an encrypted executable program (em- 
bodied as encrypted executable package 34). We first 
describe the user's access to the encrypted executable 
program. Turning to FIG. 7, we see a diagram of one 
way that encrypted executable package 34 can be struc- 

55 tured and written to authorizing hybrid optical disc 1 0 for 
use in this invention. Encrypted executable package 34 
is a single executable program with the same name on 
the disc as the original executable program. Encrypted 
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executable package 34 includes self-extracting soft- 
ware 40 which runs first. It further includes anti-hacking 
routines 42 to check for the presence of hacking soft- 
ware in memory when the program is run. It further in- 
cludes a section with polymorphic data and/or com- 
mands 44. Polymorphic code generally provides multi- 
ple paths which achieve the same results, but a-c con- 
structed in such away that a program follows a dillcrcnt 
path each time it executes, and makes the p-ogfam 
more difficult to reverse-engineer. De-encrypting -ou- 
tines 46 are designed to use the data stored on aufior- 
izing hybrid optical disc 10 (specifically preformed iden- 
tification signature 22 and user-specific encrypted infor- 
mation 24) to de-encrypt encrypted executable 48 
[0055] Turning now to FIG. 8, a method is shown by 
which this invention is designed to operate with encrypt- 
cd executable package 34 in the hands of the end user 
In step 190, the end-user inserts authorizing hybrid op- 
tical disc 10 into an optical disc drive (for example 
CD-ROM, CD-R, or CD-RW drive). Encrypted executa- 
ble package 34 on authorizing hybrid optical disc 10 
runs automatically or is selected (step 192). The pro- 
gram first uses anti-hacking routines 42 to check for 
hacking software that can be used to reverse-engineer 
the program and defeat copy-protection schemes (step 
194). If such reverse-engineering software is present, 
the anti-hacking routines display an error message to 
the user and stop automatically (step 196). 
[0056] If no such reverse-engineering software is 
present on the end-user's system, the de-encrypting 
routines 46 read preformed identification signature 22 
in step 1 98. In step 200, de-encrypting routines 46 read 
user-specific encrypted information 24 from authorizing 
hybrid optical disc 10. In step 202, de-encrypting rou- 
tines 46 concatenate user-specific encrypted informa- 
tion 22 and preformed identification signature 24 into us- 
er-personalized secure signature 72, which also serves 
as the decryption key. User-personalized secure signa- 
ture 72 is then used to decrypt encrypted executable 48 
(step.204). The program then determines (step 206) if 
the decryption was valid. There are several ways of do- 
ing this, for example looking for a flag in the decrypted 
program or checking if operating-system-specific code 
is present in the decrypted executable. If the decryption 
was unsuccessful, an error message is displayed and 
the program — and the entire process — stops (step 
196). II Ihe decryption was successful, the original exe- 
cutable is then started (step 208). 
[0057] De-encrypting routines 46 remain in the back- 
ground (step 212) while the program executes (step 
210) and exits (step 214). Once the original program ex- 
its, de-encrypting routines 46 clear the memory and 
hard-drive space used by the original program (step 
216) and then close down (step 218) In this way, any 
decrypted form of the original executable is removed 
and only the encoded encrypted information (for exam- 
ple encrypted executable package 34) remains in the 
user's memory location 78. The authorization and de- 



cryption process is repeated each time the executable 
is started. 

[0058] Turning to FIG. 9a, we now describe one meth- 
od to give the user access to encrypted data. This meth- 
5 od passes a decryption key in a secure manner in order 
to decrypt encrypted data package 32. Encrypted data 
package 32 can be constructed several ways. It can 
consist entirely of the encrypted information. In that 
case, supporting routines used for encrypted executa- 
io blc package 34 (for example self-extracting software 40, 
anti-hacking routines 42) are not required. Encrypted 
data package 32 can also be constructed to include the 
sjpporiing routines. Encrypted data package 32 can be 
s:orcd on authorizing hybrid optical disc 10 as shown, 
'5 or ir. another memory location on the user's system, 
sjen as the hard drive, compact flash, and so forth. 
[0059] Two applications that can communicate with 
each other in a secure manner are used on the same 
system The first is [he playback application or customer 
20 application 60, which is a data-use program (for exam- 
ple a text reader, spreadsheet or presentation program, 
sounder video playback application) that includes a rou- 
tine for decrypting encrypted data package 32, but does 
not include a decryption key. The decryption key is 
25 passed to it by the second application. The second ap- 
plication is the client application 62, which is originally 
encrypted on authorizing hybrid optical disc 10. Client 
application 62 is designed to road preformed identifica- 
tion signature 22 and user-specific encrypted informa- 
30 tion 24 from authorizing hybrid optical disc 10 in data 
read step 70.. and combine them into user-personalized 
secure signature 72. which also serves as the decryp- 
tion key. Customer application 60 lirst sends a key re- 
quest 64 for user-personalized secure signature 72 to 
35 client application 62. Included in key request 64 is a 
message to use one of a plurality of keys from private 
keys area 52 when answering the request. Client appli- 
cation 60 returns user-personali/cd secure signature 72 
to customer application 60 in a signed message 66 that 
-«> has been signed with the selected private key. Customer 
application 60 possesses the public key corresponding 
to thechosen private key, and can verify the authenticity 
ol client application 62. and therefore of authorizing hy- 
brid optical disc 10. Customer application 60, once it 
"5 possesses user-personalized secure signature 72, can 
then read the encrypted data package 32 from author- 
ising hybrid optical disc 10 (data read step 68) and de- 
crypt it. This will be further elaborated in what follows. 
[0060] Turning now to FIG. 9b, we see a schematic of 
50 the private keys available in private keys area 52, their 
corresponding public keys, and how they are used be- 
tween customer application 60 and client application 62. 
Referring to FIG. 3, client application 62 has been pro- 
vided with a private key series 80, which is stored in pri- 
55 vate keys area 52 of encrypted client application pack- 
age 30. These private keys are capable of decrypting 
messages that have been encrypted with the corre- 
sponding public key, and they are also capable of sign- 
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ing messages in a secure way. For example, private key 
84 can decrypt messages that have been encrypted with 
public key 96 Public key 96 can check the authenticity 
of messages signed by private key 84. Customer appli- 
cation 60 includes a public key series 82 of public keys 
corresponding to the private keys in private key series 
80. Public key series 82 can include the entire set of 
keys corresponding to private keys series 80, or can be 
a subset thereof. The latter arrangement allows certain 
keys to be maintained exclusively for one application or 
one vendor without modifying the client application. If 
the security of any key is compromised, that particular 
key can be removed from customer application 60, and 
the security breach is thereby closed. 
[0061] Customer application 60 randomly selects a 
public key "X" from public key series 82, making it se- 
lected public key 106. Customer application 60 sends 
key request 64 to client application 62 and indicates in 
key request 64 which key has been selected to be se- 
lected public key 106. Client application 62 selects the 
corresponding private key from private key series 80 to 
give the selected private key 104. The selected public 
key 106/selected private key 104 pair form public/pri- 
vate key channel 1 08. Client application 62 uses private 
key 1 04 to sign signed message 66 that is sent to cus- 
tomer application 60. 

[0062] Turning now to FIG. 10, and referring also to 
FIGS. 3, 9a, and 9b, a first embodiment is shown by 
which this invention is designed to operate with an en- 
crypted data file in the hands of a particular user who 
has purchased and downloaded selected encrypted in- 
formation. In this embodiment, encrypted data package 
32 is stored on authorizing hybrid optical disc 1 0. In step 
220, the user inserts authorizing hybrid optical disc 10 
into an optical disc drive. Customer application 60 au- 
toruns or is selected (step 222). In step 224, client ap- 
plication 62 autostarts or is launched. Customer appli- 
cation 60 can be the agent or requestor for launching 
client application 62. Client application 62 first checks 
to see if there is any hacking software running on the 
host machine (step 226). Such software can be used to 
follow the steps that client application 62 uses, in an at- 
tempt to crack client application 62. If such software is 
running on the host machine, client application 62 stops 
(step 228) and decryption of the data is not possible. 
[0063] If the host computer is determined to be safe, 
client application 62 reads preformed identification sig- 
nature 22 and user-specific encrypted information 24 
from authorizing hybrid optical disc 10 in step 230, and 
in step 232 concatenates the two IDs into user-person- 
alized secure signature 72, which also serves as the de- 
cryption key. Customer application 60 randomly choos- 
es selected public key 106 from public key series 82 
(step 234). In step 236, customer application 60 sends 
key request 64 to client application 62, requesting that 
user-personalized secure signature 72 be sent with 
signed message 66. Client application 62 creates a 
message that includes user-personalized secure signa- 



ture 72, signs the message with selected private key 1 04 
as requested by customer application 60, and passes 
signed message 66 to customer application 60 (step 
238). 

s [0064] Customer application 60 receives signed mes- 
sage 66 and, in step 240, uses selected public key 106 
to verify the identity of signed message 66 and therefore 
of authorizing hybrid optical disc 10. If the check fails, 
the decryption stops (step 228) and no decrypted con- 

io tent is shown to the end-user. Presumably this is be- 
cause the disc is counterfeit or damaged in some way. 
If the message is valid, customer application 60 uses 
user-personalized secure signature 72 to decrypt en- 
crypted data package 32 in step 242, and then present 

'5 it to the end-user (step 244). 

[0065] Turning now to FIG. 11, and referring also to 
FIGS 3, 9a, and 9b, a second embodiment is shown by 
which this invention is designed to operate with an en- 
crypted data file in the hands of a particular user who 

20 has purchased and downloaded selected encrypted in- 
formation. In this embodiment, encrypted data package 
32 is stored in a memory location other than authorizing 
hybrid optical disc 1 0 (for example the user's hard drive) . 
In step 250, the user selects customer application 10 

25 (for example audio player, document viewer, presenta- 
tion program). The user or the application selects en- 
crypted data package 32 as the data file to open in step 
252 Steps 250 and 252 can be combined if the operat- 
ing system allows the selection of a data file to open the 

30 corresponding application. In step 254, customer appli- 
cation 60 recognizes that encrypted data package 32 is 
encrypted data. Customer application 60 displays a 
message to the user that authorizing hybrid optical disc 
10 must be inserted (step 256). In step 258, the user 

35 inserts authorizing hybrid optical disc 10 into an optical 
disc drive. In step 224, client application 62 autostarts 
or is launched. Customer application 60 can be the 
agent or requestor for launching client application 62. 
Client application 62 first checks to see if there is any 

40 hacking software running on the host machine (step 
226). 

[0066] Such software can be used to follow the steps 
that client application 62 uses, in an attempt to crack 
client application 62. If such software is running on the 

"5 host machine, client application 62 stops (step 228) and 
decryption of the data is not possible. 
[0067] If the host computer is determined to be safe, 
client application 62 reads preformed identification sig- 
nature 22 and user-specific encrypted information 24 

so from authorizing hybrid optical disc 1 0 in step 230, and 
in step 232 concatenates the two IDs into user-person- 
alized secure signature 72, which also serves as the de- 
cryption key. Customer application 60 randomly choos- 
es selected public key 106 from public key series 82 

55 (step 234). In step 236, customer application 60 sends 
key request 64 to client application 62, requesting that 
user-personalized secure signature 72 be sent with 
signed message 66. Client application 62 creates a 
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message that includes user-personalized secure signa- 
ture 72, signs the message with selected private key 1 04 
as requested by customer application 60, and passes 
signed message 66 to customer application 60 (step 
238). 

[0068] Customer application 60 receives signed mes- 
sage 66 and, in step 240, uses selected public key 1 06 
to verify the identity of signed message 66 and therefore 
of authorizing hybrid optical disc 10, If the check fails, 
the decryption stops (step 22B) and no decrypted con- 
tent is shown to the end-user. Presumably this is be- 
cause the disc is counterfeit or damaged in some way. 
If the message is valid, customer application 6Q uses 
user-personalized secure signature 72 to decrypt en- 
crypted data package 32 in step 242, and then present 
it to the end-user (step 244). 

[0069] This invention allows a high degree of control 
over remote downloading of music, video, private text 
and pictures, and much more. This invention and its de- 
gree of control over remote downloading can best be 
illustrated with some examples. 

[0070] Example 1 . A creator of electronic computer 
games wishes to make the games available for down- 
loading to customers. This creates a simple distribution 
model that can be achieved over a network 58 such as 
the Internet. However, the games creator wishes to re- 
strict the distribution beyond the end user. The games 
creator can have an authorizing hybrid optical disc 10 
manufactured Each disc includes preformed identifica- 
tion signature 22 (which is unique to that set of discs) 
impressed In ROM portion 14. Each disc also includes 
a unique user-specific encrypted information 24. The 
so-prepared discs can then be distributed by the games 
creator via any ordinary distribution means (for example 
by mail, at retail outlets that appeal to games players, 
cover-mounted to gaming magazines, and so forth) to 
customers or potential customers. For example, the disc 
may be mailed to a customer upon the purchase of one 
of the available games, and includes the first game that 
the customer buys. 

[0071] For subsequenl games, the user merely needs 
to connect to the games creator's website on the Inter- 
net and order the game(s) desired. The user pays for 
the games electronically. Via the techniques described 
herein, the games creator encrypts the desired games 
to the key of the user's authorizing hybrid optical disc 1 0 
and transmits the encrypted games to the user. At the 
user's location, the game can be stored on authorizing 
hybrid optical disc 10 (if the user has an optical disc writ- 
er and sufficient space exists on authorizing hybrid op- 
tical disc 10), or in another memory location, such as 
the user's hard drive. 

[0072] The game is an encrypted executable file that 
can use techniques similar to those described herein to 
run only if the user's authorizing hybrid optical disc 10 
is available in an optical disc reader on the user's sys- 
tem. 

[0073] In this scenario, the user is free to make copies 



of the downloaded games. For example, the user may 
wish to transfer some games to a laptop computer to 
make them accessible during a trip. This is possible so 
long as the user also brings authorizing hybrid optical 
5 disc 10. The user can even bring a game to run at a 
friend's house, along with authorizing hybrid optical disc 
10. However, to permanently give the friend access to 
the game, the user would need to transfer authorizing 
hybrid optical disc 10, which would remove his own ac- 

io cess to all the games that the disc allows access to. 
Thus, the user can freely exercise fair use of the game, 
while it is protected from distribution by the user. 
[0074] Example 2. A "publisher of electronic books 
(sometimes called e-books) wishes to make the books 

'5 available for downloading to customers. This creates a 
simple distribution model that can be achieved over a 
network 5B such as the Internet. As in the case of 
games, the publisher wishes to restrict the distribution 
beyond the end user. Thepublishercan have an author- 

20 izing hybrid optical disc 1 0 manufactured Each disc in- 
cludes preformed identification signature 22 (which is 
unique to that set of discs) impressed in ROM portion 
14. Each disc also includes a unique user-specific en- 
crypted information 24. The so-propared discs can then 

25 be distributed by the publisher via any ordinary distribu- 
tion means (for example by mail, at retail outlets that 
appeal to readers, and so forth) to customers or poten- 
tial customers. For example, the disc may be mailed to 
a customer upon the purchase of one of the available 

30 e-books : and includes the first e-book that the customer 
buys. 

[0075] For subsequent e-books, the user merely 
needs 1o connect to the publisher's website on the In- 
ternet and order the e-book(s) desired. The user pays 

35 for the e-books electronically. Via the techniques 
scribed herein, the publisher encrypts the desired e 
books to the key of the user's authorizing hybrid optical 
disc 1 0 and transmits the encrypted e-books to the u: 
At the user's location, the e-book can be stored on 

^0 thorizing hybrid optical disc 1 0 (if the user has an optical 
disc writer and sufficient space exists on authorizing hy- 
brid optical disc 1 0), or in another memory location, such 
as the user's hard drive. 

[0076] The e-book is an encrypted data file that can 
45 be read using techniques similar to those described 
herein only if the user's authorizing hybrid optical disc 
10 is available in an optical disc reader on the user's 
system. This requires the use of a text reader that is 
aware of client application 62 and uses user-personal- 
so ized secure signature 72 to decrypt the encrypted data. 
The publisher can include such a reader on authorizing 
hybrid optical disc 10 with the user's first purchase. 
[0077] In this scenario, the user is free to make copies 
of the downloaded e-books. For example, the user may 
55 wish to transfer some e-books to a laptop computer to 
make them accessible during a trip. This is possible so 
long as the user also brings authorizing hybrid optical 
disc 10. The user can even bring an e-book to a friend's 
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house, along with authorizing hybrid optical disc 10. 
However, to permanently give the friend access to the 
e-book, the user would need to transfer authorizing hy- 
brid optical disc 10, which would remove his own access 
to all the e-books that the disc allows access to. Thus, 
the user can freely exercise fair use of the e-book, while 
it is protected from distribution by the user. 
[0078] Example 3. A central corporate rescnrcn li- 
brary wishes to make confidential reports available for 
downloading to scientists who have clearance m a 
number of varied corporate locations. This creates a 
simple distribution model that can be achieved over a 
network 58 such as a corporate intranet. It is crucial lo 
corporate security that the distribution of such reports 
be strictly limited to only those cleared. The library can 
have an authorizing hybrid optical disc 10 manutac- 
tured. Each disc includes preformed identification sig- 
nature 22 (which is unique to that set of discs) impressed 
in ROM portion 14. Each disc also includes a unique 
user-specific encrypted information 24. The so-pie- 
pared discs can then be distributed via internal corpo- 
rate means to those scientists who have been cleared 
by management for such distribution. 
[0079] To obtain reports, the scientist merely needs to 
connect to the library's website on the intranet and 
download the report(s) required. The library system can 
determine from authorizing hybrid optical disc 1 0 wheth- 
er the scientist has clearance to the reports ordered Via 
the techniques described herein, the publisher encrypts 
the reports to the key of the scientist's authorizing hybrid 
optical disc 10 and transmits the encrypted reports to 
the scientist. At the scientist's location, the report can 
be stored on authorizing hybrid optical disc 10 (if the 
scientist has an optical disc writer and sufficient space 
exists on authorizing hybrid optical disc 1 0), or in anoth- 
er memory location, such as the scientist's hard drive. 
[0080] The report is an encrypted data file that can be 
read using techniques similar to those described herein 
only if the scientist's authorizing hybrid optical disc 10 
is available in an optical disc reader on the scientist's 
system. This requires the use of a text reader that is 
aware of client application 62 and uses user-personal- 
ized secure signature 72 to decrypt the encrypted data. 
The library can include such a reader on each authoriz- 
ing hybrid optical disc 10. 

[0081] In this scenario, the scientist is free to make 
copies of the downloaded reports. For example, the sci- 
entist may wish to read some at home. This is possible 
so long as the scientist also brings authorizing hybrid 
optical disc 10. However, the report is unreadable to 
someone who does not possess the particular author- 
izing hybrid optical disc 1 0. Thus, someone else finding 
the file will not be able to read classified corporate infor- 
mation, as long as the scientist exercises caution with 
the "key" disc. The multiple layers of authentication and 
piracy checking mean that someone cannot easily make 
a pirated copy of authorizing hybrid optical disc 10, nor 
use other methods to obtain the access information and 
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emulate authorizing hybrid optical disc 10. Because the 
disc is keyed to a particular scientist, access can be 
turned off for a lost disc without affecting other scientists. 
[0082] Other features of the invention are included be- 
s low. 

[0083] The method wherein payment is provided by a 
user by transferring a payment number which can be 
used lor transferring a predetermined payment amount 
from a commercial institution that can be for a number 
'0 of content selections to be selected by the holder of the 
hybrid optical disc. 

[0084] The method wherein the user-personalized se- 
cure signature includes payment authorizing informa- 
tion. 

'5 [0085] The method wherein the RAM portion of the 
hybrid optical disc is the user memory location for the 
downloaded content. 

[0086] The method wherein a channel is used to com- 
municate with the remote location via a network and 
20 wherein the hybrid disc is encoded with the address of 
the remote location. 

[0087] The method wherein the channel is the Inter- 
net. 



Claims 

1. A method of transferring information from a content 
supplierfrom one or more databases, such informa- 

30 tion including program(s), audio, still pictures, vid- 
eo, or data files (for example lists, spreadsheets, 
reports, documcnls. presentation graphics, sales 
information), or combinations (hereof to a location 
that uses an authorizing hybrid disc that permits the 

3s use of such transferred inlormation. comprising the 
steps of: 

(a) providing an authorizing hybrid optical disc 
having a ROM portion and a RAM portion; 

Jo (b) providing the ROM portion to include a pre- 

formed identification signature which is im- 
pressed into the ROM portion of the disc and is 
arranged to be difficult for a pirate to copy; 
(c) providing the RAM portion which includes 

45 user-specific encrypted information which 

makes the optical disc unique for a specific user 
and in combination wiLh the ROM preformed 
identification signature provides a user-person- 
alized secure signature; 

so (d) the content supplier encrypting information 

for each user using the user-personalized se- 
cure signature and downloading selected en- 
crypted information to the particular user's 
memory location; and 

55 (e) a particular user using the user-personal- 

ized secure signature to decode such down- 
loaded selected encrypted information each 
time the user desires to access such informa- 



10 



19 EP1267 

tion so that after use only the encoded encrypt- 
ed information remains in the user memory lo- 
cation. 

The method of claim 1 wherein the RAM portion of s 
the hybrid optical disc is Ihe user memory location 
for the downloaded content. 

A method of transferring information from a content 
supplier from one or more databases, such informa- 10 
tion including program(s), audio, still pictures, vid- 
eo, or data files (for example lists, spreadsheets, 
reports, documents, presentation graphics, sales 
information), or combinations thereof to a location 
that uses an authorizing hybrid disc that permits the '5 
use of such transferred information, comprising the 
steps of: 

(a) providing an authorizing hybrid optical disc 
having a ROM portion and a RAM portion; 20 

(b) providing the ROM portion lo include a pre- 
formed identification signature which is im- 
pressed into the ROM portion of the disc and is 
arranged to be difficult for a pirate to copy; 

(c) providing the RAM portion which includes 25 
user-specific encrypted information which 
makes the optical disc unique for a specific user 
and in combination with the ROM preformed 
identification signature provides a user-person- 
alized secure signature; 30 

(d) a user communicating over a network with 
the content supplier and selecting information 
desired to be downloaded; 

(e) the content supplier encrypting using the us- 
er-personalized secure signature and down- 35 
loading the selected encrypted information to a 
user memory location; and 

(f) the user using the user-personalized secure 
signature to decode such downloaded selected 
encrypted information each time the user de- 40 
sires to access such information so that after 
use only the encoded encrypted information re- 
mains in the user memory location. 

The method of claim 3 further including the step of 45 
a user making payment via the network for the 
transfer of the selected encrypted information. 

The method of claim 4 wherein payment is provided 
by a user by transferring a payment number which so 
can be used for transferring a predetermined pay- 
ment amount from a commercial institution that can 
be for a number of content selections to be selected 
by the holder of the hybrid optical disc. 



44 A2 20 

7. The method of claim 3 wherein a channel is used 
to communicate with the remote location via a net- 
work and wherein the hybrid disc is encoded with 
the address of the remote location. 

8. The method of claim 7 wherein the channel is the 
Internet. 

9. A method of permitting authorized transfer of infor- 
mation from a content supplier from one or more 
databases, such information including program(s), 
audio, still pictures, video, or data files (for example 
lists, spreadsheets, reports ; documents, presenta- 
tion graphics, sales information), or combinations 
thereof to a location that uses an authorizing hybrid 
disc that permits the use of such transferred infor- 
mation, comprising the steps of: 

(a) providing an authorizing hybrid optical disc 
having a ROM portion and a RAM portion; 

(b) providing the ROM portion to include a pre- 
formed identification signature unique to a par- 
ticular user which permits authorization for 
transfer and decoding information from the da 
tabase(s) which is impressed into the ROM por- 
tion of the disc and is arranged to be difficult for 
a pirate to copy; 

(c) providing the RAM portion which includes 
user-specific encrypted information which 
makes the optical disc unique for a specific user 
and in combination with the ROM preformed 
identification signature provides a user-person- 
alized secure signature; 

(d) a user communicating over a network with 
the content supplier providing the authorizing 
user-personalized secure signature to the con- 
tent supplier and selecting information desired 
to be downloaded; 

(e) the content supplier encrypting using the us- 
er-personalized secure signature and down- 
loading the selected encrypted information to a 
user memory location; and 

(f) the user using the user-personalized secure 
signature to decode such downloaded selected 
encrypted information each time the user de- 
sires to access such information so that after 
use only the encoded encrypted information re- 
mains in the user memory location. 

10. The method of claim 9 further including the step of 
a user making payment via the network for the 
transfer of the selected encrypted information. 



The method of claim 3 wherein the RAM portion of 
the hybrid optical disc is the user memory location 
for the downloaded content. 
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